W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2015

Re: Call for adoption: draft-reschke-httpauth-auth-info-00

From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Fri, 06 Feb 2015 15:46:26 +0000
Message-ID: <54D4E1D2.7020702@isode.com>
To: Julian Reschke <julian.reschke@gmx.de>, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
CC: Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org, Yutaka Oiwa <y.oiwa@aist.go.jp>
On 06/02/2015 10:01, Julian Reschke wrote:
> On 2015-02-04 17:46, Julian Reschke wrote:
>> On 2015-02-02 15:08, Rifaat Shekh-Yusef wrote:
>>> This document does not define any semantics associated with these
>>> header, which means that the document that uses these header will be 
>>> the
>>> one that must address the information leak issue.
>>> I do not see why we would restrict a future use of these headers based
>>> on the Digest usage; this seems odd to me.
>>>
>>> Regards,
>>>   Rifaat
>>
>> Well, the goal for me was not to define anything new, but just to
>> extract what we have already into something that can be maintained
>> separately from DIGEST. As such, Hervé's comment made sense to me, and I
>> updated the editor's copy accordingly:
>>
>>
>> <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-auth-info-latest-from-previous.diff.html> 
>>
>>
>>
>> Maybe other potential users of Auth-Info (Yutaka & Alexey) could state
>> whether having this constraint would affect their ability to use
>> Authentication-Info?
>>
>> Assuming that is not the case, I'd like to declare victory, submit a new
>> draft, and ask Mark to start a WGLC...
>>
>> Best regards, Julian
>> ...
>
> Seeing no additional feedback, I went ahead and submitted draft 01.
I think your definition would work for the SCRAM draft.
Received on Friday, 6 February 2015 15:47:34 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:43 UTC